Back to skill

Security audit

xiaodu-movie-mode-official

Security checks across malware telemetry and agentic risk

Overview

This is a clearly described smart-home movie-mode orchestrator, but users should understand it can change real device states and save explicit movie-mode preferences.

Install only if you trust the separate xiaodu-control-official skill and its scripts, because this skill will call them to change lights, curtains, TVs, projectors, signals, volume, and smart-screen speech. Treat natural phrases like 'I want to watch a movie' as commands in this setup, and review or clear any saved XIAODU_CONTEXT.md or MEMORY.md preferences if household defaults change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases include broad everyday expressions such as '我要看电影' and '准备看电影了', which can plausibly occur in normal conversation without explicit intent to activate home automation. In this skill’s context, accidental invocation can cause real-world actions like changing lights, curtains, TVs, or other IoT devices, so unintended activation has tangible safety and privacy consequences.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The test cases explicitly require writing persistent user preferences into XIAODU_CONTEXT.md, but do not mention notice, consent, retention limits, or data minimization. Persisting behavioral preferences without user warning can create a privacy issue, especially on shared household devices where other users may not expect their habits or defaults to be stored.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger examples include broad, natural phrases such as '我要看电影' and '帮我安排观影' that could plausibly occur in ordinary conversation without an explicit intent to execute home-device automation. In this skill’s context, accidental activation can cause real-world side effects such as dimming lights, closing curtains, powering displays, or changing device state, so overbroad invocation criteria are a genuine safety and security concern.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation instructs that user preferences like device choice, lighting, and HDMI behavior should be written into `XIAODU_CONTEXT.md` without mentioning notice, consent, retention limits, or sensitivity review. In a smart-home context, these preferences can reveal behavioral patterns and household setup, and silent persistence increases privacy risk and the chance of unwanted long-term automation behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.